Skip to content

Security: actualbudget/actual

SECURITY.md

Security Policy

Supported Versions

We offer security support for the latest stable release of Actual and Actual Server only. To see the current stable version, visit https://actualbudget.github.io/docs/Release-Notes.

We welcome reports of vulnerabilities in unreleased builds, since we’d obviously like to fix them before they’re released!

Reporting a Vulnerability

Please report security vulnerabilities in Actual’s server to https://github.com/actualbudget/actual-server/security/advisories/new, and any vulnerabilities in the client-side web app to https://github.com/actualbudget/actual/security/advisories/new. But don’t worry too much about whether you’re filing a vulnerability in the right repo of the two, the same people maintain both and will be able to see and fix the issue.

There aren’t any published security advisories